Tastyer

Privacy Policy

Last updated: April 13, 2026

1. Introduction

Tastyer (“we”, “our”, “us”) respects your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use the Tastyer mobile application (“App”).

2. Data We Collect

Account Information

• Email address
• Username (auto-generated, editable)
• Password (hashed, never stored in plain text)
• Social sign-in identifiers (Google ID, Apple ID) if you use social login
• Language preference

Recipe Data

• Recipe URLs you submit for transformation
• Original and transformed recipe ingredients
• Nutritional macro estimates (AI-generated)
• Your recipe ratings and view history

Grocery Lists

• Items added to your grocery list from recipes
• Checked/unchecked status of grocery items

Quiz & Social Data

• Quiz answers and scores
• Friend connections (initiated by you)

Technical Data

• Device language (via Accept-Language header)
• API request metadata (timestamps, IP addresses in server logs)

3. How We Use Your Data

• Provide the service: Transform recipes, maintain your library, generate grocery lists
• Authentication: Verify your identity and manage your account
• Improvement: Understand usage patterns to improve the App
• Communication: Send service-related notifications (e.g., account security)

4. Third-Party Services

We share limited data with the following third-party services:

• OpenAI:Recipe ingredient data is sent to OpenAI's API for AI-powered transformation. No personal identifiers are included in these requests.
• Google Sign-In: If you sign in with Google, we receive your Google ID and email. See Google's Privacy Policy.
• Apple Sign-In: If you sign in with Apple, we receive your Apple ID. See Apple's Privacy Policy.
• Pexels: Recipe titles may be sent to Pexels for image search. No personal data is shared.

5. Data Storage & Security

• Data is stored on secure servers within the European Union
• Passwords are hashed using bcrypt
• API communication is encrypted via TLS (HTTPS)
• Authentication uses JWT tokens (short-lived access tokens + refresh tokens)
• We implement rate limiting and security headers to protect against common attacks

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, your personal data is permanently removed from our systems within 30 days. Server logs containing IP addresses are retained for up to 90 days for security purposes.

7. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Delete your account and associated data
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your personal data

To exercise these rights, contact us at privacy@tastyer.com.

8. Cookies & Tracking

The Tastyer App does not use cookies or third-party tracking. We do not serve advertisements. We do not share your data with data brokers or advertising networks.

9. Children's Privacy

The App is not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us to have it removed.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes through the App. Continued use after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or to exercise your data rights:

Email: privacy@tastyer.com